Johnathan Hodge

PCI – So what?

06.25.2014 | Posted by Johnathan Hodge

As we release the Sumo Logic App for PCI Compliance, I was reflecting on how tough PCI compliance is. It’s obviously an essential part of any organization’s IT strategy that handles credit cardholder information – but it’s tough – monitoring compliance across all the requirements is a big undertaking. And a mistake can have disastrous results.

Because of this, I really like the new guidance I read in v3 of the PCI DSS, released in November 2013, in the new section called “Implementing PCI DSS into Business-as-Usual Processes”. To do this, you need, amongst other things, excellence in monitoring, detection, timely root-cause analysis and well-designed remediation.

Now, the new PCI App from Sumo Logic obviously supports these things. With a broad array of dashboards, reports and searches specifically designed to monitor and detect potential issues across the 12 requirements, hidden within the terabytes of log files that many customers have, our PCI App is strong. But so what? Highlighting there is an issue is close to useless unless you provide the tools to take effective action in diagnosing root cause – making change happen. And as industry experts remind us, no matter what “us vendors” say, there are always false-positives that need to be examined and can get in the way of underlying issues. We’ve all used analysis tools that highlight an issue but then make it nearly impossible to take that critical step to true root cause identification. There’s little more frustrating than hitting that “So what?” moment.

What makes our PCI App exceptional and different is the fact it’s based on the Sumo Logic platform. Once we alert you to a potential failure, it’s simple to identify which Requirement to focus on, and from there to drill into the details. Our unique features, such as Anomaly Detection and LogReduce, make finding the needles in the remaining haystacks painless – and quick.

PCI App

 

 

 

 

 

 

 

 

 

So what? So, Sumo Logic’s PCI App will not simply highlight potential PCI infractions, it will dramatically reduce the time to root cause analysis – leaving you no time to even consider the “So what?” question. You will be too busy putting new measures in place to prevent the cause of the failure recurring.

Jana Lass

The Internet of Things…and by “Things” we mean Cats! [Infographic]

06.20.2014 | Posted by Jana Lass

The Internet of Things. The popularity of this topic seems to be growing just about as rapidly as as the amount of machine data generated by these “things” has.  A few weeks back, our beloved co-founder and CTO, Christian Beedgen, penned an article, The Internet of Things: More Connectivity Can Mean More Vulnerability, where he discusses some of the security challenges that exist around the exponentially growing number of devices connected to the internet.

Most major tech companies have written about or published infographics about IoT, yet when I read these articles or review infographics, they all seem to be missing a very obvious fact about the Internet…The Internet is made up of cats. To highlight what’s truly representative of our interconnectedness, we present you with an infographic around  ”The Internet of Cats.” Enjoy!

Cat-Infographic-Large

Amanda Saso, Principal Tech Writer

Our Help? It’s in the Cloud.

06.16.2014 | Posted by Amanda Saso, Principal Tech Writer

I like to fashion myself as a lower-level Cloud evangelist. I’m amazed at the opportunities the Cloud has afforded me both professionally and personally in the past four or five years. I tend to run head-first into any Cloud solution that promises to make my life better, and I’m constantly advocating Cloud adoption to my friends and family.

The consumer-level Cloud services that have developed over the past few years have changed how I relate to technology. Just like everyone else, I struggle with balancing work, mom duties, volunteer activities, and so on. Being able to keep my data handy simplifies my life–having records in the Cloud has saved me in several situations where I could just call up a document on my iPhone or iPad. No matter which Cloud app I’m using, I’m in the loop if I’m sitting at work or watching my kids at gymnastics (so long as I remember to charge my phone–there’s that darn single point of failure).

I respect Sumo for being a Cloud company that behaves like a Cloud company. We might have one physical server rattling around in an otherwise-empty server room, but I don’t know the name of it–I don’t ever need to access it. We run in the Cloud, we scale in the Cloud, we live in the Cloud. To me, that gives Sumo Logic an uncommon brand of Cloud legitimacy.

So what does all this have to do with Sumo Logic’s Help system? I started making noise about moving our online Help into the Cloud because I wanted the ability to dynamically update Help. At the time, my lovingly written files were somewhat brutally checked into the code, meaning that my schedule was tied to the engineering upgrade schedule. That worked for a while, but as we trend towards continuous delivery of our product, it wasn’t scaling. I knew there had to be a better way, so I looked to the Cloud.

My sense of urgency wasn’t shared by everyone, so I made a fool of myself at a Hack-a-Thon, attempting to make it happen. It was an epic failure, but a great learning experience for me. Knowing that I could spin up an instance of whatever kind of server my little heart desired was a game changer–what was once something that required capital expense (buying a Linux box or a Windows Server) was now available with a few clicks at minimal cost.

Within a month or so, I had convinced my manager of the legitimacy of my project. Eventually our Architect, Stefan Zier, took pity on me. He set up an S3 Bucket in AWS (Sumo runs in AWS, so this is a natural choice), then configured our test and production deployments to point to the URL I chose for our Help system. The last bit of engineering magic was leveraging an internal engineering tool that I use to update the URL for one or more deployments. Within a few days it worked. I now can push updates to Help from my own little S3 Bucket whenever I like. That is some awesome agility.

To those who are not tech writers, this may seem unremarkable, but I don’t know any other organizations with Cloud-based tech pubs delivery systems. I couldn’t find any ideas online when I was trying to do this myself. No blog posts, no tools. It was uncharted. This challenge really lit a fire under me–I couldn’t figure out why nobody seemed to be delivering Help from the Cloud.

The Cloud also improves the quality of my work, and grants me new options. Using an S3 Bucket means that I can potentially set up different Help systems for features that are only accessed by a subset of customers. I can take down anything that contains errors–which very, very rarely happens (yeah, right). I can take feedback from our Support team, Project Managers, Customer Success Team, Sales Engineers, and even from guys sitting around me who mumble about things that are missing when they try to write complicated queries. (Yes, our engineers learn about Sumo Logic operators using the very same Help system as our customers.)

Here’s the best part. As our team of tech writers grows (it’s doubled to two in 2014!), I don’t need an IT guy to configure anything; my solution scales gracefully. The authoring tool we use, Madcap Flare, outputs our Help in HTML 5, meaning that the writers don’t need any IT or admin support converting files, nor hosting them in a specific way. (Incidentally, when you check out our Help, everything you see was customized with the tools in Flare, using, of all things, a mobile help template.) Flare has earned a special place in my heart because my deliverables were ready for Cloud deployment; no changes in my process were needed.  There are no wasted resources on tasks that the writers are perfectly capable of performing, from generating output to posting new files. That’s the great part about the Cloud. I can do myself what it would take an IT guy to handle using any on-premise server solution.

Funny, that sounds just like Sumo Logic’s product: Instead of wasting time racking servers, people can do their job right out of the gate. That’s value added. That’s the Cloud.

Twitter